
Help with log file


Guest idgadmin


Hi, I have run Ad-Aware on one of my computers; I have just had to clean out a lot of trojans etc. This computer is still OK, I think. Can someone knowledgeable see if there is anything that is not good? Regards, Adam

 

Sending the log file along.

 

 

Ad-Aware SE Build 1.05

Logfile Created on:den 1 januari 2005 18:17:16

Created with Ad-Aware SE Personal, free for private use.

Using definitions file:SE1R24 29.12.2004

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

References detected during the scan:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

180Solutions(TAC index:8):3 total references

BargainBuddy(TAC index:8):21 total references

BookedSpace(TAC index:10):16 total references

Tracking Cookie(TAC index:3):1 total references

VX2(TAC index:10):19 total references

Zango(TAC index:6):2 total references

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Ad-Aware SE Settings

===========================

Set : Search for negligible risk entries

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep-scan registry

Set : Scan my IE Favorites for banned URLs

Set : Scan my Hosts file

 

Extended Ad-Aware SE Settings

===========================

Set : Unload recognized processes & modules during scan

Set : Scan registry for all users instead of current user only

Set : Always try to unload modules before deletion

Set : During removal, unload Explorer and IE if necessary

Set : Let Windows remove files in use at next reboot

Set : Delete quarantined objects after restoring

Set : Include basic Ad-Aware settings in log file

Set : Include additional Ad-Aware settings in log file

Set : Include reference summary in log file

Set : Include alternate data stream details in log file

Set : Play sound at scan completion if scan locates critical objects

 

 

2005-01-01 18:17:16 - Scan started. (Full System Scan)

 

Listing running processes

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

#:1 [smss.exe]

FilePath : \SystemRoot\System32

ProcessID : 572

ThreadCreationTime : 2005-01-01 16:24:49

BasePriority : Normal

 

 

#:2 [csrss.exe]

FilePath : \??\C:\WINDOWS\system32

ProcessID : 636

ThreadCreationTime : 2005-01-01 16:24:52

BasePriority : Normal

 

 

#:3 [winlogon.exe]

FilePath : \??\C:\WINDOWS\system32

ProcessID : 664

ThreadCreationTime : 2005-01-01 16:24:55

BasePriority : High

 

 

#:4 [services.exe]

FilePath : C:\WINDOWS\system32

ProcessID : 708

ThreadCreationTime : 2005-01-01 16:24:58

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Tjänst- och styrenhetsprogram

InternalName : services.exe

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : services.exe

 

#:5 [lsass.exe]

FilePath : C:\WINDOWS\system32

ProcessID : 720

ThreadCreationTime : 2005-01-01 16:24:58

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : LSA Shell (Export Version)

InternalName : lsass.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : lsass.exe

 

#:6 [svchost.exe]

FilePath : C:\WINDOWS\system32

ProcessID : 864

ThreadCreationTime : 2005-01-01 16:25:02

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:7 [svchost.exe]

FilePath : C:\WINDOWS\system32

ProcessID : 956

ThreadCreationTime : 2005-01-01 16:25:02

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:8 [svchost.exe]

FilePath : C:\WINDOWS\System32

ProcessID : 1052

ThreadCreationTime : 2005-01-01 16:25:03

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:9 [svchost.exe]

FilePath : C:\WINDOWS\System32

ProcessID : 1152

ThreadCreationTime : 2005-01-01 16:25:03

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:10 [svchost.exe]

FilePath : C:\WINDOWS\System32

ProcessID : 1264

ThreadCreationTime : 2005-01-01 16:25:04

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:11 [spoolsv.exe]

FilePath : C:\WINDOWS\system32

ProcessID : 1480

ThreadCreationTime : 2005-01-01 16:25:08

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Spooler SubSystem App

InternalName : spoolsv.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : spoolsv.exe

 

#:12 [avgamsvr.exe]

FilePath : C:\Program\Grisoft\AVGFRE~1

ProcessID : 1652

ThreadCreationTime : 2005-01-01 16:25:24

BasePriority : Normal

FileVersion : 7,1,0,285

ProductVersion : 7.1.0.285

ProductName : AVG Anti-Virus System

CompanyName : GRISOFT, s.r.o.

FileDescription : AVG Alert Manager

InternalName : avgamsvr

LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.

OriginalFilename : avgamsvr.EXE

 

#:13 [avgupsvc.exe]

FilePath : C:\Program\Grisoft\AVGFRE~1

ProcessID : 1692

ThreadCreationTime : 2005-01-01 16:25:25

BasePriority : Normal

FileVersion : 7,1,0,285

ProductVersion : 7.1.0.285

ProductName : AVG 7.0 Anti-Virus System

CompanyName : GRISOFT, s.r.o.

FileDescription : AVG Update Service

InternalName : avgupsvc

LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.

OriginalFilename : avgupdsvc.EXE

 

#:14 [ccsetmgr.exe]

FilePath : C:\Program\Delade filer\Symantec Shared

ProcessID : 1712

ThreadCreationTime : 2005-01-01 16:25:25

BasePriority : Normal

FileVersion : 2.1.0.610

ProductVersion : 2.1.0.610

ProductName : Common Client

CompanyName : Symantec Corporation

FileDescription : Common Client Settings Manager Service

InternalName : ccSetMgr

LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.

OriginalFilename : ccSetMgr.exe

 

#:15 [cisvc.exe]

FilePath : C:\WINDOWS\system32

ProcessID : 1724

ThreadCreationTime : 2005-01-01 16:25:26

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Content Index service

InternalName : cisvc.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : cisvc.exe

 

#:16 [ghosts~2.exe]

FilePath : C:\Program\NORTON~1\NORTON~4

ProcessID : 1772

ThreadCreationTime : 2005-01-01 16:25:27

BasePriority : Normal

FileVersion : 2003.789

ProductVersion : 2003.789

ProductName : Norton Ghost Start Service

CompanyName : Symantec Corporation

FileDescription : Norton Ghost Start

InternalName : GhostStartService

LegalCopyright : Copyright © 1998-2003 Symantec Corp. All rights reserved.

OriginalFilename : GhostStartService.exe

 

#:17 [hpb2ksrv.exe]

FilePath : C:\WINDOWS\System32

ProcessID : 1800

ThreadCreationTime : 2005-01-01 16:25:27

BasePriority : Normal

FileVersion : 2.5.0.2

ProductVersion : 2.5.0.2

CompanyName : Hewlett-Packard Company

FileDescription : HP Status Win2k Service

InternalName : HPB2KSRV.EXE

LegalCopyright : Copyright © Hewlett-Packard 2002

OriginalFilename : HPB2KSRV.EXE

 

#:18 [hpbhksrv.exe]

FilePath : C:\WINDOWS\System32

ProcessID : 1820

ThreadCreationTime : 2005-01-01 16:25:28

BasePriority : Normal

 

 

#:19 [mdm.exe]

FilePath : C:\Program\Delade filer\Microsoft Shared\VS7DEBUG

ProcessID : 1844

ThreadCreationTime : 2005-01-01 16:25:28

BasePriority : Normal

FileVersion : 7.00.9466

ProductVersion : 7.00.9466

ProductName : Microsoft® Visual Studio .NET

CompanyName : Microsoft Corporation

FileDescription : Machine Debug Manager

InternalName : mdm.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : mdm.exe

 

#:20 [navapsvc.exe]

FilePath : C:\Program\Norton SystemWorks\Norton Antivirus

ProcessID : 1892

ThreadCreationTime : 2005-01-01 16:25:29

BasePriority : Normal

FileVersion : 10.00.2

ProductVersion : 10.00.2

ProductName : Norton AntiVirus

CompanyName : Symantec Corporation

FileDescription : Norton AntiVirus Auto-Protect Service

InternalName : NAVAPSVC

LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.

OriginalFilename : NAVAPSVC.EXE

 

#:21 [nprotect.exe]

FilePath : C:\Program\NORTON~1\NORTON~2

ProcessID : 1964

ThreadCreationTime : 2005-01-01 16:25:30

BasePriority : Normal

FileVersion : 17.0.0.82

ProductVersion : 17.0.0.82

ProductName : Norton Utilities

CompanyName : Symantec Corporation

FileDescription : Norton Protection Status

InternalName : NPROTECT

LegalCopyright : Copyright © 1997-2003 Symantec Corporation

LegalTrademarks : Norton Utilities® and UnErase® are registered trademarks of Symantec Corporation.

OriginalFilename : NPROTECT.EXE

 

#:22 [savscan.exe]

FilePath : C:\Program\Norton SystemWorks\Norton Antivirus

ProcessID : 2036

ThreadCreationTime : 2005-01-01 16:25:34

BasePriority : Normal

FileVersion : 9.2.1.14

ProductVersion : 9.2

ProductName : Symantec AntiVirus AutoProtect

CompanyName : Symantec Corporation

FileDescription : Symantec AntiVirus Scanner

InternalName : SAVSCAN

LegalCopyright : Copyright © 2003 Symantec Corporation

OriginalFilename : SAVSCAN.EXE

 

#:23 [nopdb.exe]

FilePath : C:\Program\NORTON~1\NORTON~2\SPEEDD~1

ProcessID : 228

ThreadCreationTime : 2005-01-01 16:25:35

BasePriority : Normal

FileVersion : 7.00.0.24

ProductVersion : 7.00.0.24

ProductName : Norton Speed Disk

CompanyName : Symantec Corporation

FileDescription : NOPDB

InternalName : NOPDB

LegalCopyright : Copyright © 1997-2003 Symantec Corporation

OriginalFilename : NOPDB.dll

 

#:24 [svchost.exe]

FilePath : C:\WINDOWS\System32

ProcessID : 268

ThreadCreationTime : 2005-01-01 16:25:36

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:25 [symlcsvc.exe]

FilePath : C:\Program\Delade filer\Symantec Shared\CCPD-LC

ProcessID : 320

ThreadCreationTime : 2005-01-01 16:25:38

BasePriority : Normal

FileVersion : 1, 8, 48, 79

ProductVersion : 1, 8, 48, 79

ProductName : Symantec Core Component

CompanyName : Symantec Corporation

FileDescription : Symantec Core Component

InternalName : symlcsvc

LegalCopyright : Copyright © 2003

OriginalFilename : symlcsvc.exe

 

#:26 [wdfmgr.exe]

FilePath : C:\WINDOWS\system32

ProcessID : 392

ThreadCreationTime : 2005-01-01 16:25:39

BasePriority : Normal

FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)

ProductVersion : 5.2.3790.1230

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Windows User Mode Driver Manager

InternalName : WdfMgr

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : WdfMgr.exe

 

#:27 [ccevtmgr.exe]

FilePath : C:\Program\Delade filer\Symantec Shared

ProcessID : 436

ThreadCreationTime : 2005-01-01 16:25:40

BasePriority : Normal

FileVersion : 2.1.0.610

ProductVersion : 2.1.0.610

ProductName : Common Client

CompanyName : Symantec Corporation

FileDescription : Common Client Event Manager Service

InternalName : ccEvtMgr

LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.

OriginalFilename : ccEvtMgr.exe

 

#:28 [explorer.exe]

FilePath : C:\WINDOWS

ProcessID : 1580

ThreadCreationTime : 2005-01-01 16:25:51

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Utforskaren

InternalName : explorer

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : EXPLORER.EXE

 

#:29 [agrsmmsg.exe]

FilePath : C:\WINDOWS

ProcessID : 2468

ThreadCreationTime : 2005-01-01 16:26:07

BasePriority : Normal

FileVersion : 2.1.28 2.1.28 03/31/2003 13:54:16

ProductVersion : 2.1.28 2.1.28 03/31/2003 13:54:16

ProductName : Agere SoftModem Messaging Applet

CompanyName : Agere Systems

FileDescription : SoftModem Messaging Applet

InternalName : smdmstat.exe

LegalCopyright : Copyright © Agere Systems 1998-2000

OriginalFilename : smdmstat.exe

 

#:30 [syntplpr.exe]

FilePath : C:\Program\Synaptics\SynTP

ProcessID : 2524

ThreadCreationTime : 2005-01-01 16:26:10

BasePriority : Normal

FileVersion : 7.2.0 15Nov02

ProductVersion : 7.2.0 15Nov02

ProductName : Progressive Touch

CompanyName : Synaptics, Inc.

FileDescription : TouchPad Driver Helper Application

InternalName : SynTPLpr

LegalCopyright : Copyright © Synaptics, Inc. 1996-2002

OriginalFilename : SynTPLpr.exe

 

#:31 [alg.exe]

FilePath : C:\WINDOWS\System32

ProcessID : 2568

ThreadCreationTime : 2005-01-01 16:26:12

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Application Layer Gateway Service

InternalName : ALG.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : ALG.exe

 

#:32 [syntpenh.exe]

FilePath : C:\Program\Synaptics\SynTP

ProcessID : 2632

ThreadCreationTime : 2005-01-01 16:26:13

BasePriority : Normal

FileVersion : 7.2.0 15Nov02

ProductVersion : 7.2.0 15Nov02

ProductName : Progressive Touch

CompanyName : Synaptics, Inc.

FileDescription : Synaptics TouchPad Enhancements

InternalName : Scrolleroo

LegalCopyright : Copyright © Synaptics, Inc. 1996-2002

OriginalFilename : SynTPEnh.exe

 

#:33 [qtzpacer.exe]

FilePath : C:\Program\LAUNCH~1

ProcessID : 2708

ThreadCreationTime : 2005-01-01 16:26:16

BasePriority : Normal

FileVersion : 1, 1, 0, 0

ProductVersion : 1, 10, 0, 2002

ProductName : Dritek System Inc. Launch Manager 01.10.2002 ( VC60 )

CompanyName : Dritek System Inc.

FileDescription : Launch Manager

InternalName : QtZgAcer

LegalCopyright : Copyright ©2001-2002 Dritek System Inc.

OriginalFilename : QtZgAcer.exe

 

#:34 [ccapp.exe]

FilePath : C:\Program\Delade filer\Symantec Shared

ProcessID : 2740

ThreadCreationTime : 2005-01-01 16:26:17

BasePriority : Normal

FileVersion : 2.1.0.610

ProductVersion : 2.1.0.610

ProductName : Common Client

CompanyName : Symantec Corporation

FileDescription : Common Client User Session

InternalName : ccApp

LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.

OriginalFilename : ccApp.exe

 

#:35 [lucoms~1.exe]

FilePath : C:\Program\Symantec\LIVEUP~1

ProcessID : 2796

ThreadCreationTime : 2005-01-01 16:26:18

BasePriority : Normal

FileVersion : 1.90.15.0

ProductVersion : 1.90.15.0

ProductName : LiveUpdate

CompanyName : Symantec Corporation

FileDescription : LiveUpdate Engine COM Module

InternalName : LuComServer

LegalCopyright : Copyright 1996-2003

OriginalFilename : LuComServer.exe

 

#:36 [ghoststarttrayapp.exe]

FilePath : C:\Program\Norton SystemWorks\Norton Ghost

ProcessID : 2832

ThreadCreationTime : 2005-01-01 16:26:19

BasePriority : Normal

FileVersion : 2003.789

ProductVersion : 2003.789

ProductName : Norton Ghost Start

CompanyName : Symantec Corporation

FileDescription : Norton Ghost Start

InternalName : GhostStartTrayApp

LegalCopyright : Copyright © 1998-2003 Symantec Corp. All rights reserved.

OriginalFilename : GhostStartTrayApp.exe

 

#:37 [acctmgr.exe]

FilePath : C:\Program\Norton SystemWorks\Password Manager

ProcessID : 3172

ThreadCreationTime : 2005-01-01 16:26:23

BasePriority : Normal

FileVersion : 2004.1.406

ProductVersion : 2004.1.406

ProductName : Norton Password Manager

CompanyName : Symantec Corporation

FileDescription : Password Manager Controller

InternalName : AcctMgr

LegalCopyright : Copyright © 2003-2004 Symantec Corporation

OriginalFilename : AcctMgr.EXE

 

#:38 [hpnra.exe]

FilePath : C:\WINDOWS\System32

ProcessID : 3184

ThreadCreationTime : 2005-01-01 16:26:23

BasePriority : Normal

FileVersion : 5.0.41.5

ProductVersion : 5.0.41.5

ProductName : HPNRA

CompanyName : Hewlett-Packard

FileDescription : Hewlett-Packard Network Registry Agent

InternalName : HPNRA

LegalCopyright : Copyright © 1993-2000 Hewlett-Packard Company

LegalTrademarks : All Rights Reserved.

OriginalFilename : HPNRA

 

#:39 [hpstatus.exe]

FilePath : C:\WINDOWS\System32

ProcessID : 3192

ThreadCreationTime : 2005-01-01 16:26:24

BasePriority : Normal

FileVersion : 2.5.0.2

ProductVersion : 2.5.0.2

CompanyName : Hewlett-Packard Company

FileDescription : HP Printer Status and Alerts

InternalName : HPSTATUS.EXE

LegalCopyright : Copyright © Hewlett-Packard 2002

OriginalFilename : HPSTATUS.EXE

 

#:40 [statusclient.exe]

FilePath : C:\Program\Hewlett-Packard\Toolbox\StatusClient

ProcessID : 3280

ThreadCreationTime : 2005-01-01 16:26:26

BasePriority : Normal

FileVersion : 00 .00 .15

ProductVersion : 00 .00 .15

ProductName : Hewlett-Packard T-TR Status Client

CompanyName : Hewlett-Packard

FileDescription : Hewlett-Packard T-TR Status Client

InternalName : StatusClient.exe

LegalCopyright : Copyright © 2002-2003 Hewlett-Packard Company

LegalTrademarks : All Rights Reserved.

OriginalFilename : StatusClient.exe

 

#:41 [hpwuschd2.exe]

FilePath : C:\Program\Hewlett-Packard\HP Software Update

ProcessID : 3316

ThreadCreationTime : 2005-01-01 16:26:29

BasePriority : Normal

FileVersion : 2, 0, 38, 0

ProductVersion : 2, 0, 38, 0

ProductName : Hewlett-Packard hpwuSchd

CompanyName : Hewlett-Packard Company

FileDescription : hpwuSchd

InternalName : hpwuSchd

LegalCopyright : Copyright © 2003

OriginalFilename : hpwuSchd2.exe

 

#:42 [avgcc.exe]

FilePath : C:\Program\Grisoft\AVGFRE~1

ProcessID : 3416

ThreadCreationTime : 2005-01-01 16:26:32

BasePriority : Normal

FileVersion : 7,1,0,295

ProductVersion : 7.1.0.295

ProductName : AVG Anti-Virus System

CompanyName : GRISOFT, s.r.o.

FileDescription : AVG Control Center

InternalName : AvgCC

LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.

OriginalFilename : AvgCC.EXE

 

#:43 [msgplus.exe]

FilePath : C:\Program\Messenger Plus! 3

ProcessID : 3428

ThreadCreationTime : 2005-01-01 16:26:35

BasePriority : Normal

 

 

#:44 [ctfmon.exe]

FilePath : C:\WINDOWS\system32

ProcessID : 3452

ThreadCreationTime : 2005-01-01 16:26:37

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : CTF Loader

InternalName : CTFMON

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : CTFMON.EXE

 

#:45 [javaw.exe]

FilePath : C:\Program\Hewlett-Packard\Toolbox\jre\bin

ProcessID : 3516

ThreadCreationTime : 2005-01-01 16:26:40

BasePriority : Normal

 

 

#:46 [wzqkpick.exe]

FilePath : C:\Program\WinZip

ProcessID : 3664

ThreadCreationTime : 2005-01-01 16:26:50

BasePriority : Normal

FileVersion : 1.0 (32-bit)

ProductVersion : 8.1 (4319)

ProductName : WinZip

CompanyName : WinZip Computing, Inc.

FileDescription : WinZip Executable

InternalName : WZQKPICK.EXE

LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2001 - All Rights Reserved

LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc

OriginalFilename : WZQKPICK.EXE

Comments : StringFileInfo: U.S. English

 

#:47 [onenotem.exe]

FilePath : C:\Program\Microsoft Office\OFFICE11

ProcessID : 3688

ThreadCreationTime : 2005-01-01 16:26:52

BasePriority : Normal

 

 

#:48 [acrotray.exe]

FilePath : C:\Program\Adobe\Acrobat 6.0\Distillr

ProcessID : 3816

ThreadCreationTime : 2005-01-01 16:26:54

BasePriority : Normal

FileVersion : 6.0.0.2003051500

ProductVersion : 6.0.0.0

ProductName : AcroTray - Adobe Acrobat Distiller helper application.

CompanyName : Adobe Systems Inc.

FileDescription : AcroTray

InternalName : AcroTray

LegalCopyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.

OriginalFilename : AcroTray.exe

 

#:49 [3comu11gmonitor.exe]

FilePath : C:\Program\3Com\3Com OfficeConnect Wireless 11g USB Adapter Utility\drivers\WINXP

ProcessID : 3892

ThreadCreationTime : 2005-01-01 16:26:59

BasePriority : Normal

FileVersion : 3, 3, 3, 9

ProductVersion : 01.00.00.09

ProductName : Monitor Application

FileDescription : WLAN Monitor Utility

InternalName : WLAN Monitor Utility

LegalCopyright : Copyright © 2003

OriginalFilename : NB11GMonitor.EXE

 

#:50 [hpbspsvr.exe]

FilePath : C:\WINDOWS\System32

ProcessID : 2216

ThreadCreationTime : 2005-01-01 16:27:22

BasePriority : Normal

FileVersion : 2.5.0.2

ProductVersion : 2.5.0.2

CompanyName : Hewlett-Packard Company

FileDescription : HP SocketPing Server

InternalName : HPBSPSVR.EXE

LegalCopyright : Copyright © Hewlett-Packard 2002

OriginalFilename : HPBSPSVR.EXE

 

#:51 [hpbjdsnt.exe]

FilePath : C:\WINDOWS\System32

ProcessID : 596

ThreadCreationTime : 2005-01-01 16:27:35

BasePriority : Normal

FileVersion : 2.5.0.2

ProductVersion : 2.5.0.2

CompanyName : Hewlett-Packard Company

FileDescription : HP Job Detector

InternalName : HPBJDSNT.EXE

LegalCopyright : Copyright © Hewlett-Packard 2002

OriginalFilename : HPBJDSNT.EXE

 

#:52 [cidaemon.exe]

FilePath : C:\WINDOWS\system32

ProcessID : 2184

ThreadCreationTime : 2005-01-01 16:32:44

BasePriority : Idle

FileVersion : 5.1.2600.0 (xpclient.010817-1148)

ProductVersion : 5.1.2600.0

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Indexing Service filter daemon

InternalName : cidaemon.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : cidaemon.exe

 

#:53 [cidaemon.exe]

FilePath : C:\WINDOWS\system32

ProcessID : 2364

ThreadCreationTime : 2005-01-01 16:32:52

BasePriority : Idle

FileVersion : 5.1.2600.0 (xpclient.010817-1148)

ProductVersion : 5.1.2600.0

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Indexing Service filter daemon

InternalName : cidaemon.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : cidaemon.exe

 

#:54 [iexplore.exe]

FilePath : C:\Program\Internet Explorer

ProcessID : 980

ThreadCreationTime : 2005-01-01 16:54:20

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Internet Explorer

InternalName : iexplore

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : IEXPLORE.EXE

 

#:55 [ad-aware.exe]

FilePath : C:\PROGRAM\LAVASOFT\AD-AWA~2

ProcessID : 2972

ThreadCreationTime : 2005-01-01 17:16:56

BasePriority : Normal

FileVersion : 6.2.0.206

ProductVersion : VI.Second Edition

ProductName : Lavasoft Ad-Aware SE

CompanyName : Lavasoft Sweden

FileDescription : Ad-Aware SE Core application

InternalName : Ad-Aware.exe

LegalCopyright : Copyright © Lavasoft Sweden

OriginalFilename : Ad-Aware.exe

Comments : All Rights Reserved

 

Memory scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0

 

 

Started registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

180Solutions Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\180solutions

 

BargainBuddy Object Recognized!

Type : Regkey

Data :

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{8eee58d5-130e-4cbd-9c83-35a0564e1357}

 

BargainBuddy Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{8eee58d5-130e-4cbd-9c83-35a0564e1357}

Value :

 

BargainBuddy Object Recognized!

Type : Regkey

Data :

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{c6906a23-4717-4e1f-b6fd-f06ebed11357}

 

BargainBuddy Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{c6906a23-4717-4e1f-b6fd-f06ebed11357}

Value :

 

BargainBuddy Object Recognized!

Type : Regkey

Data :

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{c6906a23-4717-4e1f-b6fd-f06ebed15678}

 

BargainBuddy Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{c6906a23-4717-4e1f-b6fd-f06ebed15678}

Value :

 

BargainBuddy Object Recognized!

Type : Regkey

Data :

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{c6906a23-4717-4e1f-b6fd-f06ebed12468}

 

BargainBuddy Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{c6906a23-4717-4e1f-b6fd-f06ebed12468}

Value :

 

BargainBuddy Object Recognized!

Type : Regkey

Data :

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{8eee58d5-130e-4cbd-9c83-35a0564e5678}

 

BargainBuddy Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{8eee58d5-130e-4cbd-9c83-35a0564e5678}

Value :

 

BargainBuddy Object Recognized!

Type : Regkey

Data :

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{8eee58d5-130e-4cbd-9c83-35a0564e2468}

 

BargainBuddy Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{8eee58d5-130e-4cbd-9c83-35a0564e2468}

Value :

 

BargainBuddy Object Recognized!

Type : Regkey

Data :

Category : Malware

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\navisearch

 

BargainBuddy Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\navisearch

Value : UpdateQueryDuration

 

BargainBuddy Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\navisearch

Value : BuildNumber

 

BargainBuddy Object Recognized!

Type : Regkey

Data :

Category : Malware

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\cashback

 

BargainBuddy Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\cashback

Value : BuildNumber

 

Registry Scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 18

Objects found so far: 18

 

 

Started deep registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Deep registry scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 18

 

 

Started Tracking Cookie scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

 

Tracking cookie scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 18

 

 

 

Deep scanning and examining files (C:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

BookedSpace Object Recognized!

Type : File

Data : preInsMt.exe

Category : Malware

Comment :

Object : C:\WINDOWS

 

 

VX2 Object Recognized!

Type : File

Data : preInsTT.exe

Category : Malware

Comment :

Object : C:\WINDOWS

 

Object "preInsMt.exe" found in this archive.

 

BookedSpace Object Recognized!

Type : File

Data : mxTarget.cab

Category : Malware

Comment : Object "preInsMt.exe" found in this archive.

Object : C:\Documents and Settings\Adam\Lokala inställningar\Temp\THI5E10.tmp

 

 

BookedSpace Object Recognized!

Type : File

Data : preInsMt.exe

Category : Malware

Comment :

Object : C:\Documents and Settings\Adam\Lokala inställningar\Temp\THI5E10.tmp

 

Object "twaintec.dll" found in this archive.

 

VX2 Object Recognized!

Type : File

Data : twaintec.cab

Category : Malware

Comment : Object "twaintec.dll" found in this archive.

Object : C:\Documents and Settings\Gäst\Lokala inställningar\Temp\THIDBC.tmp

 

Object "preInsTT.exe" found in this archive.

 

VX2 Object Recognized!

Type : File

Data : twaintec.cab

Category : Malware

Comment : Object "preInsTT.exe" found in this archive.

Object : C:\Documents and Settings\Gäst\Lokala inställningar\Temp\THIDBC.tmp

 

Object "polall1m.exe" found in this archive.

 

BookedSpace Object Recognized!

Type : File

Data : twaintec.cab

Category : Malware

Comment : Object "polall1m.exe" found in this archive.

Object : C:\Documents and Settings\Gäst\Lokala inställningar\Temp\THIDBC.tmp

 

 

VX2 Object Recognized!

Type : File

Data : preInsTT.exe

Category : Malware

Comment :

Object : C:\Documents and Settings\Gäst\Lokala inställningar\Temp\THIDBC.tmp

 

 

BargainBuddy Object Recognized!

Type : File

Data : cdt_bbi8016.exe

Category : Malware

Comment :

Object : C:\Documents and Settings\Gäst\Lokala inställningar\Temp

FileVersion : 8.0.2.7

ProductName : BargainBuddy Decoupling Package

CompanyName : eXact Advertising

FileDescription : BargainBuddy Decoupling Package

LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved.

LegalTrademarks : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved.

Comments : BargainBuddy Decoupling Package

 

 

Zango Object Recognized!

Type : File

Data : msbb.exe

Category : Malware

Comment :

Object : C:\Documents and Settings\Gäst\Lokala inställningar\Temp

FileVersion : 5, 11, 0, 3

ProductVersion : 5, 11, 0, 3

ProductName : Search Assistant

CompanyName : 180solutions, Inc.

FileDescription : Search Assistant

LegalCopyright : Copyright © 2004, 180solutions Inc.

 

 

Zango Object Recognized!

Type : File

Data : msbb.exe

Category : Malware

Comment :

Object : C:\Documents and Settings\Gäst\Lokala inställningar\Temp\FLEOK

FileVersion : 5, 11, 0, 3

ProductVersion : 5, 11, 0, 3

ProductName : Search Assistant

CompanyName : 180solutions, Inc.

FileDescription : Search Assistant

LegalCopyright : Copyright © 2004, 180solutions Inc.

 

 

180Solutions Object Recognized!

Type : File

Data : msbbhook.dll

Category : Data Miner

Comment :

Object : C:\Documents and Settings\Gäst\Lokala inställningar\Temp

 

 

BargainBuddy Object Recognized!

Type : File

Data : cdt_bbi8016[1].exe

Category : Malware

Comment :

Object : C:\Documents and Settings\Gäst\Lokala inställningar\Temporary Internet Files\Content.IE5\I1GDS785

FileVersion : 8.0.2.7

ProductName : BargainBuddy Decoupling Package

CompanyName : eXact Advertising

FileDescription : BargainBuddy Decoupling Package

LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved.

LegalTrademarks : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved.

Comments : BargainBuddy Decoupling Package

 

 

180Solutions Object Recognized!

Type : File

Data : msbb[1].exe

Category : Data Miner

Comment :

Object : C:\Documents and Settings\Gäst\Lokala inställningar\Temporary Internet Files\Content.IE5\6XK3I1CV

FileVersion : 5, 9, 0, 7

ProductVersion : 5, 9, 0, 7

ProductName : Search Assistant

CompanyName : 180solutions, Inc.

FileDescription : Search Assistant

LegalCopyright : Copyright © 2004, 180solutions Inc.

 

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : gäst@180solutions[1].txt

Category : Data Miner

Comment :

Value : C:\Documents and Settings\Gäst\Cookies\gäst@180solutions[1].txt

 

VX2 Object Recognized!

Type : File

Data : A0027417.exe

Category : Malware

Comment :

Object : C:\System Volume Information\_restore{424407CE-F8E5-4D1E-9B32-A1B108B5C040}\RP114

FileVersion : 1, 0, 0, 12

ProductVersion : 1, 0, 0, 12

ProductName : Install Utility

CompanyName : BetterInternet, Inc.

FileDescription : www.abetterinternet.com - Utility for downloading files and upgrading software.

InternalName : Install Utility

LegalCopyright : BetterInternet, Inc. © 2004

OriginalFilename : InstUtil.exe

Comments : Utility for downloading files and upgrading software. Visit www.abetterinternet.com for more info.

 

 

VX2 Object Recognized!

Type : File

Data : A0027454.DLL

Category : Malware

Comment :

Object : C:\System Volume Information\_restore{424407CE-F8E5-4D1E-9B32-A1B108B5C040}\RP114

FileVersion : 0, 1, 4, 35

ProductVersion : 0, 1, 4, 35

ProductName : twaintec

CompanyName : Twaintec

FileDescription : www.twain-tech.com

InternalName : twaintec

LegalCopyright : Copyright © 2003

OriginalFilename : twaintec.dll

Comments : www.Twain-Tech.com

 

 

VX2 Object Recognized!

Type : File

Data : A0027457.dll

Category : Malware

Comment :

Object : C:\System Volume Information\_restore{424407CE-F8E5-4D1E-9B32-A1B108B5C040}\RP114

FileVersion : 0, 1, 4, 35

ProductVersion : 0, 1, 4, 35

ProductName : twaintec

CompanyName : Twaintec

FileDescription : www.twain-tech.com

InternalName : twaintec

LegalCopyright : Copyright © 2003

OriginalFilename : twaintec.dll

Comments : www.Twain-Tech.com

 

 

VX2 Object Recognized!

Type : File

Data : A0027464.dll

Category : Malware

Comment :

Object : C:\System Volume Information\_restore{424407CE-F8E5-4D1E-9B32-A1B108B5C040}\RP114

FileVersion : 0, 1, 4, 35

ProductVersion : 0, 1, 4, 35

ProductName : twaintec

CompanyName : Twaintec

FileDescription : www.twain-tech.com

InternalName : twaintec

LegalCopyright : Copyright © 2003

OriginalFilename : twaintec.dll

Comments : www.Twain-Tech.com

 

 

VX2 Object Recognized!

Type : File

Data : A0027465.exe

Category : Malware

Comment :

Object : C:\System Volume Information\_restore{424407CE-F8E5-4D1E-9B32-A1B108B5C040}\RP114

 

 

VX2 Object Recognized!

Type : File

Data : A0027698.exe

Category : Malware

Comment :

Object : C:\System Volume Information\_restore{424407CE-F8E5-4D1E-9B32-A1B108B5C040}\RP116

 

 

VX2 Object Recognized!

Type : File

Data : A0028923.exe

Category : Malware

Comment :

Object : C:\System Volume Information\_restore{424407CE-F8E5-4D1E-9B32-A1B108B5C040}\RP120

FileVersion : 1, 0, 0, 12

ProductVersion : 1, 0, 0, 12

ProductName : Install Utility

CompanyName : BetterInternet, Inc.

FileDescription : www.abetterinternet.com - Utility for downloading files and upgrading software.

InternalName : Install Utility

LegalCopyright : BetterInternet, Inc. © 2004

OriginalFilename : InstUtil.exe

Comments : Utility for downloading files and upgrading software. Visit www.abetterinternet.com for more info.

 

 

VX2 Object Recognized!

Type : File

Data : A0029009.exe

Category : Malware

Comment :

Object : C:\System Volume Information\_restore{424407CE-F8E5-4D1E-9B32-A1B108B5C040}\RP120

FileVersion : 1, 0, 0, 12

ProductVersion : 1, 0, 0, 12

ProductName : Install Utility

CompanyName : BetterInternet, Inc.

FileDescription : www.abetterinternet.com - Utility for downloading files and upgrading software.

InternalName : Install Utility

LegalCopyright : BetterInternet, Inc. © 2004

OriginalFilename : InstUtil.exe

Comments : Utility for downloading files and upgrading software. Visit www.abetterinternet.com for more info.

 

 

BargainBuddy Object Recognized!

Type : File

Data : A0029024.exe

Category : Malware

Comment :

Object : C:\System Volume Information\_restore{424407CE-F8E5-4D1E-9B32-A1B108B5C040}\RP120

FileVersion : 2, 0, 0, 0

ProductVersion : 2, 0, 0, 0

ProductName : BargainsBuddy ADP Module

CompanyName : eXact Advertising

FileDescription : bargains

InternalName : ADP

LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved.

OriginalFilename : bargains.exe

 

 

BargainBuddy Object Recognized!

Type : File

Data : A0029027.exe

Category : Malware

Comment :

Object : C:\System Volume Information\_restore{424407CE-F8E5-4D1E-9B32-A1B108B5C040}\RP120

FileVersion : 1, 0, 0, 1

ProductVersion : 1, 0, 0, 1

ProductName : Upload Module

CompanyName : eXact Advertising

FileDescription : Upload Module

InternalName : Upload Utility

LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved.

OriginalFilename : exul.exe

 

 

BookedSpace Object Recognized!

Type : File

Data : A0029055.exe

Category : Malware

Comment :

Object : C:\System Volume Information\_restore{424407CE-F8E5-4D1E-9B32-A1B108B5C040}\RP121

 

 

VX2 Object Recognized!

Type : File

Data : A0029056.exe

Category : Malware

Comment :

Object : C:\System Volume Information\_restore{424407CE-F8E5-4D1E-9B32-A1B108B5C040}\RP121

FileVersion : 1, 0, 0, 12

ProductVersion : 1, 0, 0, 12

ProductName : Install Utility

CompanyName : BetterInternet, Inc.

FileDescription : www.abetterinternet.com - Utility for downloading files and upgrading software.

InternalName : Install Utility

LegalCopyright : BetterInternet, Inc. © 2004

OriginalFilename : InstUtil.exe

Comments : Utility for downloading files and upgrading software. Visit www.abetterinternet.com for more info.

 

 

Disk Scan Result for C:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 45

 

 

Deep scanning and examining files (D:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Disk Scan Result for D:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 45

 

 

Scanning Hosts file......

Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Hosts file scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

1 entries scanned.

New critical objects:0

Objects found so far: 45

 

 

 

 

Performing conditional scans...

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

BookedSpace Object Recognized!

Type : Regkey

Data :

Category : Malware

Comment :

Rootkey : HKEY_CURRENT_USER

Object : software\microsoft\internet explorer\new windows

 

BookedSpace Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CURRENT_USER

Object : software\microsoft\internet explorer\new windows

Value : PopupMgr

 

BookedSpace Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CURRENT_USER

Object : software\microsoft\internet explorer\new windows

Value : PlaySound

 

BookedSpace Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CURRENT_USER

Object : software\microsoft\internet explorer\new windows

Value : UseSecBand

 

BookedSpace Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CURRENT_USER

Object : software\microsoft\internet explorer\new windows

Value : BlockUserInit

 

BookedSpace Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CURRENT_USER

Object : software\microsoft\internet explorer\new windows

Value : UseTimerMethod

 

BookedSpace Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CURRENT_USER

Object : software\microsoft\internet explorer\new windows

Value : UseHooks

 

BookedSpace Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CURRENT_USER

Object : software\microsoft\internet explorer\new windows

Value : AllowHTTPS

 

BookedSpace Object Recognized!

Type : Regkey

Data :

Category : Malware

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\vendor\xml

 

BookedSpace Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\vendor\xml

Value :

 

BookedSpace Object Recognized!

Type : Regkey

Data :

Category : Malware

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\vendor

 

VX2 Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_CURRENT_USER

Object : software\microsoft\internet explorer\toolbar\webbrowser

Value : {0E5CBF21-D15F-11D0-8301-00AA005B4383}

 

VX2 Object Recognized!

Type : RegValue

Data :

Category : Malware

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\internet explorer\main\featurecontrol\feature_window_restrictions

Value : iexplore.exe

 

VX2 Object Recognized!

Type : File

Data : bisF1.exe

Category : Malware

Comment :

Object : C:\DOCUME~1\Adam\LOKALA~1\Temp

 

 

VX2 Object Recognized!

Type : File

Data : twaintec.PNF

Category : Malware

Comment :

Object : C:\WINDOWS\inf

 

 

VX2 Object Recognized!

Type : File

Data : twaintec.inf

Category : Malware

Comment :

Object : C:\WINDOWS\inf

 

 

VX2 Object Recognized!

Type : File

Data : mxTarget.dll

Category : Malware

Comment :

Object : C:\WINDOWS

FileVersion : 0, 2, 4, 67

ProductVersion : 0, 2, 4, 67

ProductName : mxTarget

CompanyName : MX-Targeting

FileDescription : www.mx-targeting.com

InternalName : mxTarget

LegalCopyright : Copyright © 2004

OriginalFilename : mxTarget.dll

Comments : www.mx-targeting.com

 

 

Conditional scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 17

Objects found so far: 62

 

18:36:48 Scan Complete

 

Summary Of This Scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Total scanning time:00:19:32.696

Objects scanned:126582

Objects identified:62

Objects ignored:0

New critical objects:62

 

 

 

 


 

Just clean out the crap that was found. Disable System Restore first.

 

Then scan again and post the part of the log where there may still be junk left.

 


This topic is now archived and closed to further replies.
